Today, we are releasing XenForo 2.1.13 to address a potential security vulnerability. We recommend that all customers still running XenForo 2.1 upgrade to 2.1.13 or use the attached patch file as soon as possible.
The issue relates to HTML attribute injection which can be triggered when...